Description
In the Linux kernel, the following vulnerability has been resolved: fscrypt: destroy keyring after security_sb_delete() fscrypt_destroy_keyring() must be called after all potentially-encrypted inodes were evicted; otherwise it cannot safely destroy the keyring. Since inodes that are in-use by the Landlock LSM don't get evicted until security_sb_delete(), this means that fscrypt_destroy_keyring() must be called *after* security_sb_delete(). This fixes a WARN_ON followed by a NULL dereference, only possible if Landlock was being used on encrypted files.
Product status
e6f4fd85ef1ee6ab356bfbd64df28c1cb73aee7e (git) before 992a3f3e8a0c92151dfdf65fc85567c865fd558a
d7e7b9af104c7b389a0c21eb26532511bce4b510 (git) before d77531fac6a1fd9f1db0195438ba5419d72b96c4
d7e7b9af104c7b389a0c21eb26532511bce4b510 (git) before 497ab5d9c7852dfedab2c9de75e41b60e54b7c5d
d7e7b9af104c7b389a0c21eb26532511bce4b510 (git) before ccb820dc7d2236b1af0d54ae038a27b5b6d5ae5a
391cceee6d435e616f68631e68f5b32d480b1e67 (git)
68d15d6558a386f46d815a6ac39edecad713a1bf (git)
5.15.78 (semver) before 5.15.105
5.10.154 (semver) before 5.11
6.0.8 (semver) before 6.1
6.1
Any version before 6.1
5.15.105 (semver)
6.1.22 (semver)
6.2.9 (semver)
6.3 (original_commit_for_fix)
References
git.kernel.org/...c/992a3f3e8a0c92151dfdf65fc85567c865fd558a
git.kernel.org/...c/d77531fac6a1fd9f1db0195438ba5419d72b96c4
git.kernel.org/...c/497ab5d9c7852dfedab2c9de75e41b60e54b7c5d
git.kernel.org/...c/ccb820dc7d2236b1af0d54ae038a27b5b6d5ae5a